Conventionally, managing a user in xSP (extended service provider) was based on a simple authentication scheme. However, as online markets prevail, development of new markets became necessary. Particularly, the necessity of managing the access according to roles and resources becomes important.
Conventional products, such as access managing solutions or packages, are targeted to a small scale portal site or in-house intranet. These products not only are expensive but have low efficiency, because they adopt a real-time centralized management scheme and have a complicated hierarchical structure, and because limited users can use them.
The drawbacks of the conventional access managing method will be detailed.
(1) Extreme network traffic because of a centralized authority management                A central management server between a web server and a directory (or DB) server plays a role of real-time management for session and access. The central management server checks the request signals received from all of the users and grants the authority. Therefore, this is suitable only for an in-house intranet or a small scale portal site, which has a small number of users and small amount of usage. In addition, considering the properties of xSP (i.e., user number more 10 million, simple hierarchical structure, and frequent network usage), this centralized management model requires excessive maintenance costs for solving the performance degradation due to a large scale network traffic.        
(2) Instability of authority cache                Generally, to overcome the drawback of the centralized management, “authority cache” is added. This can improve processing performance by reducing a network traffic by processing itself in the pertinent web server on the request of the same resources or users. However, it is inevitable that it is impossible to be simplified and it is difficult to control the cache size to a stable service, and thus it should need a long term trial-and-error.        
(3) Inefficiency of session management                Since the sessions for all the users are managed by the central server, the centralized management model is suitable only for a small scale intranet model. For real-time session management, it requires large cookies greater than kB-unit. However, in the properties of xSP, centralized session management and extremely large cookies are very inefficient in the network load or server availability aspect.        
From the foregoing, it is needed a new type of access management solution that satisfies the requirements of large scale and high performance.